With the increasing use of email for communication between friends and between companies and their prospective and existing customers, certain problems have arisen. First and foremost is the problem of too much email especially from companies and other senders from whom the recipient does not particularly want to receive email. Because the volume of email is growing, recipients tend to become oblivious to email and ignore it except if it is from a friend or a client or somebody the recipient knows and wants to hear from. As a result, recipients of unwanted email may delete important marketing or recall or other messages from companies that arrive along with many other unwanted messages.
Companies need a way to draw attention to their email so as to segregate it from other email thereby providing a better chance that their emails will be received and read by users who are bombarded with unwanted emails from many senders.
Companies also want a way to reassure users that when a user receives an email from the company, that the email is authentic and from that company and not somebody trying to pass themselves off as that company as a “phisher”. Phishing is a new development in the email world and involves unscrupulous individuals conning email users and browser users into believing they are communicating with an entity they want to communicate with when they are actually communicating with somebody they do not want to communicate with. This can severely damage the reputation of a company, so any methodology by which legitimate companies can protect their customers from phishers and communicate this fact to their customers and email recipients would be welcome addition to the marketing efforts of these companies.
Email recipients are especially interested in emails from their friends, clients, business associates and other persons with whom they want to communicate. It is important to these users that such emails be brought to their attention so as to stand out in their inboxes from all the other emails they receive.
Finally, email recipients have an interest in protecting themselves from phishing attacks. It is useful to email recipients to have emails that have been confirmed to be fraudulent brought to their attention such that they stand out in the user's inbox from all the other user's emails.
A recent example involving Microsoft highlights the gravity of this problem. This story was published in the Feb. 14, 2005 issue of Newsweek at page 12. An MSN user received an email indicating there was something wrong with her account and she was directed to go a URL provided in the email and re-enter her credit card number. At that URL, an official looking web page purporting to be hosted by Microsoft Network appeared, but it was a fake. The user was suspicious and referred the email to her son-in-law who worked for Microsoft. Microsoft launched an investigation to find out who was behind the fake website. Microsoft has a former U.S. Marshal as its lead cyberferret. Beginning in October 2003, Microsoft started an investigation filing suit against numerous John Does so it could use subpoena power in it attempt to untangle the convoluted trail of the email and the phony web page. The email path dead ended at an ISP in India, so the investigation turned its focus to the owner of the fake web page. Every web page has a URL which is traceable to the service that hosts it. But these URLs can lead to other addresses assigned by other ISPs or co-location services. With each round, a subpoena had to be served on the hosting ISP to find out who was paying for the service. The first round led to a company in San Fransciso. The second round led to another hosting service in San Francisco. Round three led to a free “re-direction service” in Austria. There the trail would have ended because the subpoena power of the U.S. courts does not extend beyond U.S. borders. However, luckily, the Austrian owner of the re-direction service hates phishers, and voluntarily provided the information. This information led to yet another internet address owned by Quest. A subpoena of Quest led to Microsoft itself: an address assigned to a Microsoft user who was a 69 year old man living in Davenport, Iowa. The man had a 21 year old grandson, Harris, who lived in his house and was a computer geek but who worked for Blockbuster. Microsoft then went to the FBI which searched the house in 2004 and siezed Harris' three computers. Microsoft then sued Harris who did not respond. Microsoft obtained a three million dollar default judgment. Good luck collecting on that. The real damage to Microsoft was in the possible losses to its customers from successful phishing attacks and the large amount of money and time consumed in the investigation.
Therefore, a need has arisen for a user interface and method of operating a computer to provide a protected email space where customers of the service can send emails and have their recipients free of fear that the emails are from phishers and wherein the emails are set apart from other emails in some distinctive way. Preferably, the needed system will provide an email inbox which brings to the attention of the user in different ways emails which are known to be from particular companies, emails which are from friends, clients, etc. on a user's white list and emails which are known to be fraudulent.